5 Steps to Create a Comprehensive Bow Tie Analysis

In the world of process safety management, operational risk management (ORM) bow tie diagrams are powerful visualization tools for asset-intensive organizations in charge of managing major accident hazards and communicating key risk drivers.  

What is the bow tie diagram? To create a bow tie diagram, you make a visual model shaped like – you guessed it – a bow tie, to illustrate the chain of causes and consequences related to a hazard and its barriers, interdependencies, and mitigation measures.  

Since its inception, bow tie analysis has proved an invaluable tool for operations that need to accurately identify and assess risks on a large scale. In this blog, we’ll outline the five key steps you can take to create a comprehensive and effective bow tie model. 


1. Determine the Hazard and Top Event for Your Bow Tie Diagram 

Start by identifying the hazard which represents the potential source of risk. This could be any undesirable workplace condition or outcome, like equipment failure, a chemical spill, or a safety incident.   

Next, define the top event (sometimes referred to as the risk event), which is the loss of control of the hazard. Common top events include loss of containment, blowouts, leaks, fires, or explosions. The hazard and the top event should appear as the center knot of your bow tie. In the below example, the hazard is the orange rectangle, and the top event is the black rectangle: 


*Bow tie analysis image from Prometheus RiskPoynt 


2. Identify Threats and Impacts 

Once you’ve identified the top event, you can begin to chart potential causes and impacts of that event. On the left side of the diagram, list the potential causes of a risk event. On the right side, list the possible impacts of the event. Remember, the sequence of events always moves from left to right. 

Common threats include heavy pressure, high temperature, fatigue, etc. Impacts, on the other hand, usually refer to consequences related to serious injuries or fatalities, harm to the environment, loss of material assets, or lost production. In our example of the left piece of the bow tie, the blue rectangles represent threats (we’ll get to the gray rectangles in the next section): 


*Bow tie analysis image from Prometheus RiskPoynt 

The same goes for impacts on the right side of our bow tie; they are represented by the dark blue rectangles: 


*Bow tie analysis image from Prometheus RiskPoynt 


3. Evaluate Control Measures 

Controls (also called barriers) are protocols designed to lessen the impact of a top event. A threat can be reduced via the effectiveness of these controls and barriers. There are different types, which are mainly a combination of human behavior and/or hardware and technology.  

Categorize controls as preventive (before the top event) or mitigative (after the top event). The preventative barriers go on the left side of the bow tie, while the mitigative barriers belong on the right. Consider passive, active, and behavioral barriers:  

  • Passive control is associated with protective design, i.e., dimension criteria for components with built-in tripping points in case of a component failure. 
  • Active control refers to a mechanism that, at a certain point in a system process, activates to guarantee functionality.  
  • Behavioral control does not relate to a technical function, but to a person who ensures functionality in operating the system. 

Barrier effectiveness can also be influenced by the presence of escalation factors. Elements that cause a barrier to fail can be described as such. These factors have the potential to escalate the impact of your chosen controls. More often than not, this means that existing controls have either been weakened or prevented from functioning appropriately. 

In our model, preventive controls are represented by the gray rectangles on the left side of the bow tie:


*Bow tie analysis image from Prometheus RiskPoynt  

And the mitigative controls on the right side are also represented by gray rectangles: 

*Bow tie analysis image from Prometheus RiskPoynt 

When you put all the pieces together, you get the full model: 

*Bow tie analysis image from Prometheus RiskPoynt 


4. Assess Barrier Quality 

Ensure all barriers are well-designed, properly installed, and consistently maintained. Consider redundancy and diversity to enhance reliability, and regularly monitor barriers to detect any degradation or failures. Implement preventive maintenance and address issues promptly. You can gauge and improve barrier performance through drills, workshops, and real-world scenario mapping.  

Always adjust as needed based on key takeaways. Maintain accurate records of barriers, their status, and any modifications – make sure to communicate barrier-related information to relevant personnel. Remember that even the most well-thought-out barriers can sometimes fail. The important thing to figure out is the reason behind the failure. 


5. Specify Safety-Critical Elements and Activities 

Safety-critical elements (SCEs) are systems and components designed to prevent, control, mitigate, or respond to events that could potentially result in injury or death.  

You can determine who is responsible for a barrier and assess its criticality in the context of all other related information. Start by identifying SCEs relevant to your specific industry or facility. Consider hardware, software, procedures, and other critical components, and use a formal assessment system to identify SCEs practically and credibly. 

Once identified, your SCEs should specify detailed performance standards. Conduct critical function tests to ensure their effectiveness. Integrate maintenance plans and documentation with other non-safety critical tasks. Unlike non-safety critical equipment, where optimization focuses on reliability or cost, SCEs focus on preventing the initial accident. Remember to always prioritize safety over any other considerations. 


Example of Bow Tie Analysis 

As an example, imagine the top event or hazard you’re considering is a site fire.  

The causes on the left side of the bow tie diagram should outline the initiation of a release of a hazard, so they might consist of robotics, weather, or a workplace health and safety (WHS) breach. Following causes, control measures could include fire detection systems and worker safety training. Threats stemming from the source point in this scenario could include electrical motor overload, welders, lightning strikes, or open flame work. 

The elements on the right side of the bow tie diagram would represent the impacts of a site fire, i.e., injury or death, financial and reputational losses, compliance violations, or building damage. Control measures can be used in this phase of your model as well, to decrease the impact of the effects and consequences. These processes could include fire suppression systems, first aid training, and regular roster reviews. 


Benefits of Bow Tie Risk Assessment 

The bow tie analysis model provides a holistic view of risk on a broad scale, making it simple and intuitive to communicate and manage throughout your organization. It’s critical that you regularly review your bow tie risk assessments. Are the barriers effective? Are there new threats and potential outcomes to consider? Adjust as needed and update models over time. 

Integration is also important. Ensure you're using a process safety solution that integrates seamlessly with your enterprise resource management (ERM) software to easily manage and maintain a clear view of your operational risk across your entire organization. 

Ultimately, linking and visualizing all the pieces of a threat, potential event, and control barriers into a complete picture gives you a comprehensive overview of your safety measures – with relevant meta data in the context of your risk scenarios. 


To learn how you can increase visibility and control of process safety and operational risk with Prometheus RiskPoynt, contact Prometheus Group today.